A daily subscription to the full report can be obtained as follows:
Send an email to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body: subscribe
To obtain a complete copy of the current report, proceed to the DHS link below.
To obtain reports more than 10 business days old, send an email to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

Friday, December 9, 2016

• A December 7 fire at a Rocky Mountain Power substation in Rigby,
Idaho, caused roughly 27,000 customers in eastern Idaho to lose power for
several hours December 7 – 8. – KIFI 8 Idaho Falls

1. December 8, KIFI 8 Idaho Falls – (Idaho) Power restored in Rexburg,
Rigby and Ririe. A
December 7 fire at a Rocky Mountain Power substation in Rigby, Idaho, caused
roughly 27,000 customers in eastern Idaho to lose power for several hours
December 7 – 8. Officials determined the fire was caused by the failure of a
voltage monitoring device.

• Hyundai Motor Company issued a recall December 8 for 41,264 of
its model years 2007 – 2008 Hyundai Entourage vehicles sold in the U.S. due to
a hood latch issue. – TheCarConnection.com

3. December 8, TheCarConnection.com – (National) 2007-2008 Hyundai Entourage
recalled to fix hood latch glitch. Hyundai Motor Company issued a recall
December 8 for 41,264 of its model years 2007 – 2008 Hyundai Entourage vehicles
sold in the U.S. due to an issue in which the secondary hood latches can become
corroded and stick in the open position. This may prevent the secondary latch
from holding the hood in place if the primary latch fails, causing significant
visibility problems for a driver and increasing the risk of an accident.
Source: http://www.thecarconnection.com/news/1107683_2007-2008-hyundai-entourage-recalled-to-fix-hood-latch-glitch

• Researchers reported that two zero-day flaws affecting hundreds
of thousands of Internet Protocol (IP) cameras worldwide could cause the devices
to be ensnared into Internet of Things (IoT) botnets. – SecurityWeek

4. December 7, SecurityWeek – (International) Hundreds of thousands of IP
cameras exposed to IoT botnets. Cybereason security researchers reported that
two zero-day flaws, including a combined authentication bypass and information
disclosure bug, affect hundreds of thousands of Internet Protocol (IP) cameras
worldwide, making them susceptible to malware compromise, which could
subsequently cause the devices to be ensnared into Internet of Things (IoT)
botnets. An attacker can leverage the vulnerabilities to move the camera and
see the images it is sending, as well as execute malicious code and find other
cameras plagued by the same vulnerabilities.

• Officials reported that a pump failed at a lift station in
Callaway, Florida, causing the release of approximately 25,000 gallons of
untreated wastewater December 7. – WJHG 7 Panama City/WECP 18 Panama City

18. December 7, WJHG 7 Panama City/WECP 18 Panama City – (Florida) Untreated
wastewater discharged into Callaway creek. Bay County, Florida, officials
reported that a pump failed during routine testing of a power generator at the
Advanced Wastewater Treatment Plant lift station in Callaway, causing the
release of approximately 25,000 gallons of untreated wastewater into a
neighboring creek December 7. County utility crews cleaned up the site and were
conducting water quality testing at the creek.
Source: http://www.wjhg.com/content/news/Untreated-wastewater-discharged-into-Callaway-creek-405299585.html

Financial Services Sector

5. December 7, U.S. Department of Justice – (Louisiana) Louisiana criminal
defense attorney
pleads guilty to tax evasion. A criminal defense attorney from Baton Rouge,
Louisiana, pleaded guilty December 7 to evading payment of roughly $1 million
in Federal income tax, penalties, and interest, as well as employment tax,
penalties, and interest between 2003 and 2013 while operating a criminal
defense law practice in Hammond. In an effort to hide the ownership of his
property and avoid the payment of his tax liabilities, the attorney used
nominees and the trusts he beneficially owned to buy his primary residence for
$435,000 in January 2007, and deposited $416,283 into the nominee bank account
with funds from the trusts and other accounts not under his ownership between
January 2007 and January 2014. Source: https://www.justice.gov/opa/pr/louisiana-criminal-defense-attorney-pleads-guilty-tax-evasion

Information Technology Sector

27. December 8, SecurityWeek – (International) August stealer uses PowerShell
for fileless infection. Proofpoint security researchers warned that a new
information-stealing malware, dubbed August, leverages Microsoft Word documents
containing malicious macros that, once enabled, launch a PowerShell command to
download and install the August stealer on a machine for a fileless infection.
The malicious payload is downloaded from a remote site as a PowerShell byte
array; the malware targets customer service and managerial staff at retail
stores to steal credentials and sensitive documents from the affected devices.

28. December 8, Help Net Security – (International) 323,000 pieces of malware
detected daily. Kaspersky Lab reported that the number of new malware files
detected by its products increased to 323,000 per day in 2016, an increase of
13,000 from the number of files detected in 2015.
Source: https://www.helpnetsecurity.com/2016/12/08/malware-detected-daily/

29. December 7, Help Net Security – (International) Over 400,000 phishing
sites have been
observed each month during 2016. Webroot security researchers reported that
phishing Websites have become more sophisticated and carefully crafted, as 84
percent of phishing sites observed in 2016 existed for less than 24 hours,
making any organization or person susceptible to having sensitive information
stolen. Webroot also found that during 2016, an average of more than 400,000
phishing Websites were observed each month and nearly all of the phishing URLs
are hidden with benign domains, among other findings.

30. December 7, SecurityWeek – (International) Hackers can exploit Roundcube
flaw by sending an email. RIPS Technologies discovered that Roundcube, an open
source Webmail software, was plagued with a critical vulnerability related to
the Hypertext Preprocessor (PHP) function “mail()” that an attacker with access
to the targeted system can exploit to execute arbitrary commands on the system
by sending an email. The security firm found that user input is not properly
sanitized in the fifth parameter of the “mail()” function, which allows an
attacker to pass arbitrary arguments and create a malicious PHP file in the
system’s Web root directory, enabling the malicious actor to execute commands
and conduct malicious activities.
Source: http://www.securityweek.com/hackers-can-exploit-roundcube-flaw-sending-email

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"